We are pleased to submit the Information Security Oversight Office's 1997
Report to the President.

In this, the second year of implementation of Executive Order 12958, the executive
branch continues to report further achievements. Specifically, the program
enjoyed a second straight year of unprecedented achievements in declassification
and noted decreases in the number of original classifiers and the estimated
costs of the system. In the declassification program, agencies of the executive
branch reported declassifying over 204 million pages of records having permanent
historical value. Combined with the figures reported for fiscal year 1996,
the Order's first year of implementation, the executive branch has declassified
over 400 million pages of records under this Order. This achievement is extraordinary.
In two years under your Executive order, the agencies have declassified 56
percent more pages than in the prior 16 years combined.

When E.O. 12958 took effect in FY 1996, you called upon agency heads who have
original classification authority to review carefully the number of officials
within their agencies to whom they delegate this authority. In FY 1997 they
again responded by reducing the number by over 400 individuals. We believe
that some further reductions may be possible. However, it appears that some
executive branch agencies are approaching the minimum necessary for effective
operations.

We again report a decrease in the costs of implementing the security classification
system. While Government agencies reported cost estimates 28 percent higher
than in fiscal year 1996, industry achieved a dramatic 73 percent decrease
in its cost estimates, thus creating an overall decrease in the program. We
believe the increase for Government stems largely from the agencies' ability
to estimate these costs more accurately. Moreover, a significant portion of
the increase is reflected in the costs of information systems security. For
industry, the dramatic decrease represents the affect that appears to be resulting
from the consolidation of defense contractors.

Because of expressed interest in the declassification programs established
under the Executive order, agencies also identified that portion of the cost
estimates attributable to declassification programs. For FY 1997, the agencies
reported declassification cost estimates of $150,244,561, or slightly less
than five percent of their total cost estimates.

Despite these very positive trends, we are concerned about the increase in
classification activity for the second year in a row. While the reasons appear
to be related to changes in the statistical collection methods rather than
to increasing classified programs, we believe that the emphasis on declassification,
combined with decreasing staff size, may be adversely limiting attention to
classification standards and activity. Increased oversight and commitment
by ISOO and the agencies are needed to curb this trend and to help ensure
that the goals of the Order are met.

Respectfully,

Steven Garfinkel
Director

Summary of FY 1997 Program Activity

The following FY 1997 Report to the President is the second report under E.O.
12958. The following data highlight ISOO's findings.

Classification

The number of original classification authorities decreased by 410, to
4,010.

Reported original classification decisions increased by more than 53,625,
to 158,733.

YEAR TWO Implementation of the Automatic

Executive Order 12958, "Classified National Security Information," signed
by President Clinton on April 17, 1995, and effective on October 14, 1995,
is a radical departure from the secrecy policies of the past. The first order
to revise the security classification system since the end of the Cold War,
E.O. 12958 includes major changes which should result in fewer new secrets
and significantly more information being declassified. At the same time, the
Order includes all of the necessary safeguards to protect appropriately classified
information. Fiscal Year 1997 is the second full year of the Order's policies.

The declassification provisions of Section 3.4 contain the most far-reaching
reforms in the new security classification system. This section, entitled
"Automatic Declassification," requires the automatic declassification of most
historically valuable information that is 25 years old. In the past, these
older classified records remained classified indefinitely. Under E.O. 12958,
these same records, including what may be billions of pages created over the
past 50 years, will become automatically declassified five years from the
issuance date of the Order, or April 17, 2000. In order to keep information
classified beyond 25 years, agency heads must be able to demonstrate that
particular information falls within a narrow exception to automatic declassification.
That determination is then subject to outside review by an interagency panel
of senior officials.

In effect, E.O. 12958 reverses the resource burden. Unlike the prior systems,
in which agencies had to expend resources in order to declassify older information,
under E.O. 12958, agencies must expend the resources necessary to demonstrate
why older, historical information needs to remain classified.

II. PAGES DECLASSIFIED

Data collected and analyzed by ISOO, and reported in greater detail in the
"Declassification" section of this report starting on page 27, show that the
agencies of the executive branch continue to declassify historically valuable
documents in numbers unprecedented before the issuance of Executive Order
12958, "Classified National Security Information." E.O. 12958 went into effect
early in fiscal year 1996. In FY 1997, executive branch agencies declassified
over 204 million pages of historically valuable records. This represents more
than a 4 percent increase from the 196 million pages that the agencies declassified
in Fiscal Year 1996.

In other words, during the first two years that E.O. 12958 has been in effect,
executive branch agencies have declassified more than 400 million pages of
historically valuable documents. Added to the approximately 69 million pages
declassified in FY 19951, in just the past three years, the executive
branch has declassified more than 70 percent of the pages of historically
valuable documents that have been declassified since 1980.

1In FY 1995, the agencies of the executive branch declassified
24 million pages, and the President, through an Executive order, declassified
an additional 45 million pages of documents within the National Archives of
the United States.

Interim Targets

To meet the President's declassification targets detailed in Executive Order
12958, executive branch agencies were to declassify during FY 1996 at least
15 percent of their total records subject to the Order's automatic declassification
provisions, "and similar commitments for subsequent years until the effective
date for automatic declassification," i.e., April 17, 2000. Existing records
subject to automatic declassification have been appraised as historically
valuable and will be at least 25 years old in April 2000.

The data provided to date continue to indicate uneven accomplishment among
the agencies of the requirement to declassify significant portions of the
subject records each year. Some of the larger classifying agencies are only
now beginning to declassify records in significant numbers. However, the National
Archives and Records Administration (NARA) has done an extraordinary job in
declassifying various agencies' records within the National Archives of the
United States. From the data currently available, lSOO believes that the 400
million pages declassified by the executive branch in fiscal years 1996 and
1997 combined approach one-quarter of the total universe of classified pages
subject to automatic declassification by April2000.

File Series Exemptions from Automatic Declassification

E.O. 12958 authorized the heads of agencies that originate classified information
to designate particular file series of classified information to be exempt
from the Order's 25-year-old automatic declassification provision. These series
were to be limited to records replete with information that "almost invariably"
fell within one of the categorical exemptions to automatic declassification.
These exempt file series are subject to presidential approval. Agency heads
direct them to the President through the Assistant to the President for National
Security Affairs (National Security Adviser).

In June 1997, the National Security Adviser requested that ISOO review the
agencies' proposed exempt file series, and advise him of ISOO's recommendations
regarding their acceptance by the President. Assisted by staff members from
NARA and the National Security Council, the ISOO team has nearly completed
its review and is preparing to send its recommendations to the National Security
Adviser as this report is being prepared.

As a result of the ISOO review, six agencies withdrew entirely their requests
for file series exemptions. The remaining 10 agencies that requested such
exemptions have significantly narrowed the scope of their requests. Perhaps
most important, for each of the remaining file series proposed for exemption,
the agencies have established fixed dates to review them for declassification.

Other Positive Trends

An unprecedented effort to declassify older historically valuable information
is in place.

Agencies that have had only minimal declassification programs in the
past are now engaged in significant declassification efforts.

Communication and coordination between agencies' security and records
management staffs have improved tremendously from what was generally a
very poor situation.

A declassification infrastructure has been established in every agency
that originates classified information.

Communication among the agencies has increased significantly as they attempt
to coordinate their declassification efforts.

Lingering Problems or Pitfalls

In practice, automatic declassification at 25 years (rather than at a
later date) means that more information requires review, more information
is proposed for exemption, less bulk declassification occurs, and the
cost of compliance increases.

Start-up and compliance among the major classifying agencies has been
uneven. Several agencies were very slow in getting started, and they find
themselves in a difficult catch-up situation. In addition, many agencies
spent a year or more attempting to gain sufficient knowledge about the
scope of their classified holdings.

The rate of declassification at several agencies is lagging because of
an apparent unwillingness to alter an extremely cautious approach to declassification.
Several agencies will not declassify any information that has not undergone
a line-by-line review by several reviewers, notwithstanding the age of
the documents or their subject matter. This method of review is obviously
the most time consuming and costly. As a result, a few agencies that to
date have spent the most on their declassification programs have yet to
declassify significant numbers of records, although substantial increases
are anticipated.

Resource limitations are having a clear impact on agency compliance and
oversight.

Agencies, on the whole, have been slow in providing NARA with the timely
and complete declassification guidance that would permit NARA to declassify
more information. Resource and records management limitations increase
this tardiness.

In many cases, documents contain the classified information of several
agencies (agencies with equities in the document). Dealing with multiple
equities greatly complicates and delays the declassification review process.

In some instances, declassification activity has been so prolific that
it exceeds the ability of agency systems and resources to process the
records for public access, or even the ability to advise other agencies
and the public about what information has been declassified.

Interagency Security Classification Appeals Panel

The following is the verbatim text of "Highlights
of Activities of the Interagency Security Classification Appeals Panel: May
1997-April 1998" issued by the ISCAP in the summer of 1998. Partial facsimiles
of some of the documents declassified by the ISCAP follow. [not included here]

The National Industrial Security Program:

"Still In Transition and In Need of Renewed Commitment"

In 1991, the President formally established the National Industrial Security
Program (NISP) through Executive Order 12829. Its ultimate goal then, to make
the executive branch's industrial security program more efficient and cost
effective, remains obtainable only if there is a resurgence of commitment
and support from senior officials within the agencies with large numbers of
classified contracts.

The initial success of the NISP was a direct result of the shared commitment
and interest exhibited by top management within the critical agencies and
the outpouring of cooperation by key representatives from industry. Recently,
however, there is a growing sentiment within Government and industry that
the transition to a fully functional NISP is in dire need of renewed attention
by senior management. Symptomatic of these concerns is mounting frustration
over the inability, despite repeated efforts, to replace the current Chapter
8 of the National Industrial Security Program Operating Manual (NISPOM), which
provides guidance on information systems security. Despite a general consensus
that the current Chapter 8 is deficient and out-of-date, the agencies have
been struggling to reach agreement among themselves, much less with industry,
over the form and substance of the prospective replacement. This chapter is
crucial to the safeguarding and dissemination of almost all classified information,
and these automated information systems constitute by far the most costly
component of the information security program.

Consistent with ISOO's responsibilities under Section 102(b) of the Order,
ISOO began a series of surveys in the early summer of 1997. The initial survey
began with contractors located in the Boston, Massachusetts area, and was
expanded to include contractors in the Albuquerque, San Francisco, and Washington
Metropolitan areas. The purpose of the survey was to assess the level of implementation
achieved by contracting agencies and contractors with respect to the overall
objectives of Executive Order 12829, including:

Achieving uniformity in security procedures.

Implementing the reciprocity principle in security procedures, particularly
with regard to facility and personnel clearances.

Preliminary results indicate that some of the issues that were identified
in the first NISP survey in the Boston area also exist for some contractors
in the western regions, and in the Washington Metropolitan area. Some of these
contractors expressed concerns about inconsistent application of reciprocity
requirements for security clearances, the lack of specificity in some provisions
of the NISPOM, and the reluctance by some user agencies or specific components
to comply fully with the NISP. Despite these prevailing concerns, there is
evidence of progress and program accomplishment, particularly in the area
of cost savings, i.e., uniform physical security requirements; co-utilization
of facilities; and better utilization of personnel resources formerly tied
up with multiple agency inspections. ISOO expects to complete its analysis
and issue its second survey report in FY 1998. Despite a general acknowledgment
that the initial momentum of the NISP has tapered off, there remains a genuine
feeling, particularly at the grass roots level, that a revitalized NISP is
essential to continuing the dialogue between Government and industry begun
by Executive Order 12829.

Security Classification-- What Does it Cost?

The security classification program is now in its third year of reporting
costs for both Government and industry. Congress first requested security
classification cost estimates from the executive branch in 1994. The Office
of Management and Budget reported those cost estimates to Congress while working
with agencies to develop better sampling methodology for future years. Congress
has continued to seek updated estimates. In addition, ISOO is tasked through
Executive Order 12958 to report these costs to the President. Executive Order
12928, "National Industrial Security Program," also requires that industry
or contractor costs be collected and reported by ISOO to the President.

Until the last few years, the costs for the security classification program
were deemed non-quantifiable, intertwined with other somewhat amorphous overhead
expenses. While many of its costs remain ambiguous, ISOO continues to ask
questions about their makeup and is looking for ways to refine the methodology.
ISOO can resolve some of the questions, but requiring exact responses to these
cost collection efforts would be cost prohibitive. Consequently, ISOO relies
on sampling and therefore the measurements of costs of the security classification
system will be estimates. Nevertheless, by maintaining stability in methodology,
ISOO should gain over time a good indication of the total cost burden and
its upward and downward trends. GOVERNMENT

The data presented below were collected by categories based on common definitions
developed by an executive branch working group. The categories are defined
below.

Personnel Security: A series of interlocking and mutually supporting
program elements that initially establish a government or contractor employee's
eligibility, and ensure suitability for the continued access to classified
information.

Physical Security: That portion of security concerned with physical
measures designed to safeguard and protect classified facilities and information,
domestic or foreign.

Information Security: Includes two sub-categories: Classification
Management: The system of administrative policies and procedures for identifying,
controlling and protecting from unauthorized disclosure classified information,
the protection of which is authorized by executive order or statute. Classification
management encompasses those resources used to identify, control, transfer,
transmit, retrieve, inventory, archive, declassify or destroy classified information.
Information Systems Security: Measures and controls that ensure confidentiality,
integrity arid availability of the classified information processed and stored
by a computer or information technology system. It can include the provision
of all security features needed to provide an accredited system of protection
for computer hardware and software, and classified information material, or
processes in automated systems.

Professional Education, Training and Awareness: The establishment,
maintenance, direction, support and assessment of a security training and
awareness program; the certification and approval of the training program;
the development, management, and maintenance of training records; the training
of personnel to perform tasks associated with their duties; and qualification
and/or certification of personnel before assignment of security responsibilities
related to classified information.

Security Management and Planning: Development and implementation of
plans, procedures and actions to accomplish policy requirements, develop budget
and resource requirements, oversee organizational activities and respond to
management requests related to classified information.

Unique Items: Those department or agency-specific activities that are
not reported in any of the primary categories but are nonetheless significant
and need to be included.

Because of expressed interest in the declassification programs established
under Executive Order 12958, ISOO also requested agencies to identify that
portion of their cost estimates in the category of information security/classification
management that was attributable to their declassification programs. For FY
1997, the agencies reported declassification cost estimates of $150,244,561,
or slightly less than five percent of their total cost estimates. This added
sub-element will be included in future collections of security cost estimate
data.

The total security classification costs estimate within Government for FY
1997 is $3,380,631,170. This figure represents estimates provided by 30 executive
branch agencies including the Department of Defense, whose estimate incorporates
the National Foreign Intelligence Program. It does not include, however, the
cost estimates of the CIA, which that agency has classified.

A joint Department of Defense and industry group developed a cost collection
methodology for those costs associated with the use and protection of classified
information within industry. Because industry accounts for its costs differently
than Government, cost estimate data are not provided by category. Rather a
sampling method was applied that included volunteer companies from four different
categories of facilities. The category of facility is based on the complexity
of security requirements that a particular company must meet in order to hold
a classified contract with a Government agency.

The 1997 cost-estimate totals for industry pertain to the twelve month accounting
period for the most recently completed fiscal year of each company that was
part of the industry sample. For most of the companies included in the sample
December 31, 1997, was the end of their fiscal year. The estimate of total
security costs for 1997 within industry was $692,823,000.

Comparing Total Costs for Government and IndustryFiscal Years 1995 - 1997

The Government cost estimate shows a significant 28 percent increase above
the cost estimate reported for FY 1996. Industry, on the other hand, reported
a dramatic 73 percent reduction in its cost estimate. The total cost estimate
for Government and industry for 1997 is $4.1 billion, 21 percent below the
total cost estimate for 1996 of $5.2 billion.

The increased cost estimates do not appear to result from new classified programs.
Rather, several agencies reported that they have improved their ability to
estimate security costs more accurately. Also, a very significant proportion
of the increase is reflected in the cost of information systems security,
which is $600 million more than reported for FY 1996.To be sure, information
systems security already accounts for one-half of the cost estimates attributed
to the security classification system, and are projected to be an ever increasing
fraction in future years. Within DOD, initiatives related to such terms as
"Information Warfare," "Information Superiority," or "Information Assurance,"
apply to information systems that process both classified information and
other sensitive information. DOD has advised us that it is impossible for
it to separate the costs of maintaining these systems based on classified
vs. unclassified. Therefore, DOD has suggested that one-half or even more
of its costs in the information systems security subcategory actually is expended
on protecting sensitive but unclassified information. Of those agencies reporting,
DOD represents 96 percent of the total in the Information Security category.

Contributing to the costs incurred and to be incurred in this area are recent
concerns and initiatives in the areas of critical infrastructure, including
automatic data processing and handling systems. Therefore, ISOO anticipates
that Government costs associated with information systems security will continue
to rise, while the costs of other programs associated with the security classification
system will gradually decline.

Two reasons seem to explain why industry costs have decreased so markedly.
First, the current estimate was based on data provided by a larger number
of companies than has been included in past sampling, which suggests greater
accuracy. Second, there has been significant consolidation within defense
industry, especially among the largest contractors that account for the preponderance
of the cost estimates. The reduction in their numbers has had a very significant
impact on the total estimate. ISOO believes that the reported reductions represent
both savings that result from consolidation of companies, as well as the impact
that results from multiplying the average cost by a smaller number of large
contractors.

It appears that both Government and industry efforts to refine their collection
methods have paid off with more accurate data. The refining process seems
to be a continuous one, as well it should be given the many variables in the
security classification program. A better understanding of costs should help
considerably in the management of the security classification program.

Classification

Original Classifiers

Original classification authorities, also called original classifiers, are
those individuals designated in writing, either by the President or by selected
agency heads, to classify information in the first instance. Under Executive
Order 12958, only original classifiers determine what information, if disclosed
without authority, could reasonably be expected to cause damage to the national
security. Original classifiers must also be able to identify or describe the
damage.

For fiscal year 1997, the number of original classifiers throughout the executive
branch was 4,010, which represents a reduction of 410 classifiers from the
previous year. This figure, for the seventh consecutive year, represents the
lowest number of original classifiers ever reported by ISOO. Government downsizing
and its attendant restructuring, along with the end of the Cold War continue
to be factors contributing to this decrease. However, ISOO believes that Executive
Order 12958's requirement that agency heads carefully scrutinize and re-issue
delegations of original classification authority is the largest contributing
factor to this further decrease. In ISOO's view, some agencies have reached
a level in the number of original classification authorities that seems reasonable
for the conduct of their missions. Last year ISOO noted some agencies that
had comparable classification activity, but many more original classification
authorities. Some of these agencies reported reductions in FY 1997.

In fiscal year 1997, agencies reported decreases in the number of original
classifiers for the Top Secret and Confidential classification levels and
an increase of original classifiers for the Secret classification level. At
the Top Secret level, agencies reported a decrease of 23 percent, and a 73
percent decrease was reported by agencies at the Confidential level. The number
of Secret original classifiers increased by 23 percent or 528 additional classifiers.
The Department of State is responsible for 97 percent of the total decrease
in Confidential original classifiers. However, at the same time that State
decreased its Confidential original classifiers, it increased the number of
Secret original classifiers by 60 percent, which more than accounts for the
total increase in Secret original classifiers. Including its decrease in Top
Secret original classifiers, overall, State still realized a 5 percent decrease
in total original classifiers. In addition to the Department of State, ISOO
wishes to recognize six other agencies for their efforts to reduce the number
of original classifiers. Most impressive were the efforts of CIA and Justice,
which reported decreases of 80 percent and 51 percent, respectively. Although
the reductions in the number of original classifiers are not as significant
as the CIA and Justice, ISOO wishes to recognize Commerce, AID, DOE, and ACDA
for their efforts to reduce their number of original classifiers.

Original Classifiers Fiscal Year 1997

Total - 4,010

Top Secret - 898
Secret - 2,865
Confidential - 247

Original Classification

Original Classification is an initial determination by an authorized classifier
that information requires extraordinary protection, because unauthorized disclosure
of the information could reasonably be expected to cause damage to the national
security. The process of original classification ordinarily includes both
the determination of the need to protect the information and the placement
of markings to identify the information as classified. By definition, original
classification precedes all other aspects of the security classification system,
e.g., derivative classification, safeguarding and declassification. Therefore,
ISOO often refers to the number of original classification actions as the
most important figure that it reports.

For FY 1997, agencies reported a total of 158,788 original classification
decisions. This figure represents an increase of 51 percent over the number
of original classification decisions reported in FY 1996. By classification
level, Top Secret decreased by 2 percent, while Secret increased by 81 percent
and Confidential by 20 percent. Increased activity in military operations,
the revision of classification guides, and improved counting systems for the
data collection help to explain this increase. Although original classification
increased significantly in FY 1997, the number of decisions made by original
classifiers is lower than reported in previous fiscal years under prior executive
orders. Executive branch classifiers are in the second year of implementation
of this Order.

Original Activity Fiscal Year 1997

Total - 158,788

Top Secret - 7,246
Secret - 101,204
Confidential - 50,338

Original Classification Levels Fiscal Year 1997

Top Secret - 4%
Secret - 64%
Confidential - 32%

Three agencies-- DOD, Justice, and State-- now account for 94 percent of all
original classification decisions. DOD reported a total of 89,414 original
classification decisions, which represents a 79 percent increase from the
previous year. This increase can be attributed in part to the review and issuance
of new security classification guides as part of the continuing implementation
of the requirements of Executive Order 12958. Probably the most significant
factor contributing to the increase is the number of military operations and
exercises conducted by the services and components during fiscal year 1997.
Justice also reported a large increase from fiscal year 1996 of 57 percent.
State continued its downward trend in original classification activity by
4 percent.

Original Activity by Agency Fiscal Year 1997

DOD - 89,414
Justice - 39,953
State - 20,687
All Others - 8,734

Several agencies with smaller security classification programs reported marked
decreases in the number of original classification decisions. In particular,
ISOO commends DOT, OSTP, and USTR, which reported decreases of 97 percent,
75 percent, and 76 percent, respectively, in the number of original classification
decisions.

As part of the original classification process, the classifiers must determine
a time frame for the protection of the information. This is commonly called
the "duration" of classification. Executive Order 12958 creates three possible
outcomes at the time of original classification. First, if applicable to the
duration of the information's national security sensitivity, information should
be marked for declassification upon a specific date or event. For example,
a classifier could determine that the information's sensitivity will lapse
upon the completion of a particular project. The event would be noted on the
face of the document, and when the project had been completed, the information
would automatically be declassified. Second, if the original classification
authority could not determine an earlier specific date or event for declassification,
information should ordinarily be marked for declassification 10 years from
the date of the original decision. Third, if the specific information falls
within one or more of eight categories, the classifier may exempt it from
declassification at 10 years. In almost all instances, this will result in
the information being subject to automatic declassification at 25 years. The
indefinite duration marking used under Executive Order 12356, "Originating
Agency's Determination Required" or "OADR," was eliminated with the issuance
of E.O. 12958.

Duration of Classification Fiscal Year 1997

10 Years or Less - 46%
Exempt from 10 Year - 54%

During fiscal year 1997, classifiers chose declassification upon a specific
date or event less than 10 years, or upon the 10-year date for 73,250 original
classification decisions. On the remaining 85,538 original classification
decisions, original classifiers chose the exempted from 10-year declassification
instruction. In both years under this new Order, approximately half of all
original classification actions were marked for automatic declassification
in 10 years or less. This represents a dramatic change from the figures reported
under prior systems, when more than 90 percent of original decisions were
marked for indefinite classification. ISOO will look closely at this aspect
of the classification process as it monitors the security classification system
in the coming years. The long-term effect of assigning a specific date, event
or 10-year date bodes well for the classification system in that more information
will be declassified earlier, without the need for costlier reviews in the
future.

Derivative Classification

Derivative classification is the act of incorporating, paraphrasing, restating,
or generating in new form classified source information. Information may be
classified in two ways: (a) through the use of a source document, usually
correspondence or publications generated by an original classification authority;
or (b) through the use of a classification guide. A classification guide is
a set of instructions issued by an original classification authority. It pertains
to a particular subject and describes the elements of information about that
subject that must be classified, and the level and duration of classification.
Only executive branch or Government contractor employees with the appropriate
security clearance, who are required by their work to restate classified source
information, may classify derivatively.

Derivative Activity Fiscal Year 1997

Total - 6,361,366

Top Secret - 894,485
Secret - 4,455,028
Confidential - 1,011,853

For fiscal year 1997, agencies reported 6,361,366 derivative classification
actions. This figure represents an increase of 12 percent from that reported
in fiscal year 1996. The significant increase comes from two major classifying
agencies, DOD and Justice.

Derivative Classification Levels Fiscal Year 1997

Top Secret - 14%
Secret - 70%
Confidential - 16%

DOD's derivative classification activity increased by 67 percent for fiscal
year 1997. However, the number of classification decisions, all derivative,
reported by the National Reconnaissance Office (NRO) for fiscal year 1997
but unreported in prior years, account for the entirety of the increase. Without
NRO's decisions, DOD would have reported a 27 percent decrease in derivative
classification decisions. NRO provides support for the missions of both the
DOD and Intelligence Communities and generates significant amounts of generally
short-lived classified information in support of those missions. The continuing
military operations in Bosnia, the Gulf and elsewhere also contributed significantly
to this total. In addition to NRO, the military services are responsible for
most of the remaining DOD derivative classification activity. Army leads the
way for the second straight year after previously classifying less information
than either Air Force or Navy. Understandably, international conflicts or
incidents affect classification activity more than any other stimulus. In
ISOO's experience, this is especially true when a deployment is planned over
a period of time, since that time frame will generate a large quantity of
initial planning and intelligence information, much of which will be classified.

During fiscal year 1997, the four major classifying agencies reported very
different results for derivative classification activity. This year DOD has
the distinction of derivatively classifying the most information of the four
agencies. CIA managed a significant 33 percent decrease in its derivative
activity for FY 1997. State reported a modest four percent decrease, while
Justice reported a 58 percent increase. All other agencies reported 41,605
derivative classification actions, a 31 percent increase from the year before.

As noted last year, Justice, more specifically, the FBI, has instituted an
automated system which collects its data on classification activity. This
system, according to the FBI, provides more accurate automated sampling. Given
the dramatic decrease (84% decrease from FY 1995) in derivative activity for
Justice/FBI in fiscal year 1996, the dramatic increase for FY 1997 is puzzling.
It is not clear that FBl's data from the first year of the automated sampling
system provides the benchmark for the future. Rather, it seems the third year
of data collection with this automated system may help to determine what is
the true benchmark.

ISOO commends both CIA and State for their efforts to decrease their derivative
classification activity. These decreases in derivative classification have
translated into an overall decrease in classification activity for both agencies
as noted below in the discussion on combined classification activity. Other
agencies ISOO recognizes for decreasing their derivative activity include
USTR (-96 percent), USDA (-85 percent), GSA (-59 percent), NSC (-35 percent)
and NASA (-12 percent).

Combined Classification

Together, original and derivative classification decisions make up what is
called combined classification activity. In fiscal year 1997, combined classification
activity increased by 730,529 (13%), to a total of 6,520,154 actions. Since
derivative actions outnumbered original actions by a ratio of more than 40:1,
they had a much greater impact on combined classification activity.

Combined Activity for Fiscal Year 1997

Total 6,520,154

Top Secret - 901,731
Secret - 4,556,232
Confidential - 1,062,191

Combined Classification Levels Fiscal Year 1997

Top Secret - 14%
Secret - 70%
Confidential - 16%

DOD accounted for 65 percent of all combined classification activity reported
for fiscal year 1997, CIA, 31 percent, State, one percent and Justice, one
percent. As in the past, the remaining agencies accounted for only one percent
of the combined classification activity. CIA and State reported decreases
in combined classification by 33 and 4 percent, respectively.

A closer look at the figures reported for combined classification by the executive
branch shows that agencies increased overall classification by a smaller percentage
in FY 1997 than in FY 1996 (67 percent increase in FY 1996 and 13 percent
increase in FY 1997). Even though it is a smaller increase, it still constitutes
the beginning of an upward trend in classification after a dramatic downward
trend. ISOO is concerned that this upward trend not continue. While there
may be valid reasons for increases in classification activity, ISOO believes
the agencies may be putting the majority of their down-sized resources to
their declassification programs, to the detriment of classification programs,
including security education and training activities. ISOO understands the
agencies' concerns and efforts to meet the declassification time frames set
forth in E.O. 12958. However, giving little or no attention to the classification
process itself will create problems for the future of declassification. In
order to address this concern, ISOO plans to redirect its oversight activities
to classification in FY 1999. In particular, ISOO will look at agencies' classified
products through document reviews and look more closely at agency security
education and training programs.

Declassification

During fiscal year 1997, declassification activity continued its dramatic upward
trend. This upward trend can again be directly attributed to two declassification
programs: (1) "Automatic Declassification," Section 3.4 of E.O. 12958; and
(2) "Systematic Declassification Review," Section 3.5 of the Order, which
has very clearly been driven by the onset of an automatic declassification
program. The "Automatic Declassification" program began in mid-October 1995
with the effective date of Executive Order 12958. Under the "Automatic Declassification"
program, information appraised as having permanent historical value is automatically
declassified once it reaches 25 years of age unless an agency head has determined
that it falls within a narrow exemption that permits continued classification.
Fiscal year 1996 was the first full year of implementation for this program.
Started in 1972, "Systematic Review for Declassification" is the program under
which classified permanently valuable records are reviewed for the purpose
of declassification after the records reach a specific age. Under E.O. 12356,
NARA was the only agency required to conduct a systematic review of its classified
holdings. Now E.O. 12958 requires all agencies that originate classified information
to establish and conduct a systematic declassification review program.

In effect, systematic review has become an appendage of the automatic declassification
program. ISOO has collected data on declassification that does not distinguish
between the two programs because they are now so interrelated. The continuing
impact of the automatic declassification program is reflected in the amount
of information declassified within the executive branch during FY 1997. In
one year, the executive branch declassified over 204 million pages. In the
two years that Executive Order 12958 has been in effect, over 400 million
pages have been declassified. Compared to the total for the previous 16 years,
1980 to 1995, the executive branch declassified 56 percent more pages during
FY 1996 and FY 1997. For the 18 years during which ISOO has been collecting
data, declassification activity within the executive branch saw over 657 million
pages declassified.

NARA is responsible for 57 percent and DOD 28 percent of the total declassified
pages in FY 1997. State, USIA, and AID have also contributed substantially
to the declassification results of FY 1997, by almost doubling the number
of pages they declassified in FY 1996. In addition to the extraordinary contributions
of these agencies, ISOO commends the efforts of DOE, FEAR, Treasury, ACDA,
NASA, NSC, DOT and Eximbank.

the mandatory review process permits individuals or agencies to require an
agency to review specified national security information for purposes of seeking
its declassification. Requests must be in writing and describe the information
with sufficient detail to permit the agency to retrieve it with a reasonable
amount of effort. Mandatory review remains popular with some researchers as
a less contentious alternative to Freedom of Information Act (FOIA) requests.
It is also used to seek the declassification of presidential papers or records,
which are not subject to the FOIA.

Mandatory Review Pages Processed Fiscal Years 1996-1997

FY 1997 Total - 111,895
FY 1996 Total - 270,961

FY 1997 Granted in Full - 50,181
FY 1996 Granted in Full - 135,349

FY 1997 Granted in Part - 41,961
FY 1996 Granted in Part - 108,335

FY 1997 Denied in Full - 19,753
FY 1996 Denied in Full - 27,277

During FY 1997 agencies processed 2,828 cases totaling 111,895 pages. The
number of pages processed decreased by 59 percent from the previous year.
The percentage of pages declassified in whole or in part (82 percent) also
decreased from last year's rate (90 percent). Although the rate dropped by
eight percent, the number of pages declassified is still enough to indicate
that mandatory review remains a very successful means for declassifying information.
With the establishment of the Interagency Security Classification Appeals
Panel (ISCAP), created under Executive Order 12958 and discussed earlier in
this report, mandatory review requests are likely to increase.

Mandatory Review Appeals Disposition Fiscal Year 1997

Granted in Full - 10%
Granted in Part - 18%
Denied in Full - 72%

During FY 1997, agencies processed 87 appeals that comprised 3,333 pages.
Of these, 28 percent of the pages were granted in whole or in part.

The rate is 32 percent lower than last year. The lower rate of declassification
suggests that more recent records are being requested and agencies are retaining
the classification because the sensitivity of the information continues to
meet the criteria under the Order. It further suggests that the ISCAP may
expect to see an increase in appeals from denied requesters.